Lucene search
+L

155 matches found

nvd
nvd
added 2020/01/23 3:15 p.m.26 views

CVE-2019-19839

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/cmdstat.jsp via the uploadFile attribute...

10CVSS9.6AI score0.03282EPSS
Exploits1References3
osv
osv
added 2020/01/23 3:15 p.m.3 views

CVE-2019-19838

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/cmdstat.jsp via the uploadFile attribute...

9.8CVSS7.5AI score0.2436EPSS
Exploits1References3
osv
osv
added 2020/01/23 3:15 p.m.4 views

CVE-2019-19839

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/cmdstat.jsp via the uploadFile attribute...

9.8CVSS7.5AI score0.03282EPSS
Exploits1References3
prion
prion
added 2020/01/23 3:15 p.m.17 views

Command injection

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/cmdstat.jsp via the uploadFile attribute...

10CVSS9.4AI score0.2436EPSS
Exploits1References3Affected Software2
prion
prion
added 2020/01/23 3:15 p.m.21 views

Command injection

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/cmdstat.jsp via the uploadFile attribute...

10CVSS9.4AI score0.03282EPSS
Exploits1References3Affected Software2
cvelist
cvelist
added 2020/01/23 1:42 p.m.24 views

CVE-2019-19839

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/cmdstat.jsp via the uploadFile attribute...

9.6AI score0.03282EPSS
Exploits1References3
cve
cve
added 2020/01/23 1:42 p.m.51 views

CVE-2019-19839

CVE-2019-19839 affects Ruckus Wireless Unleashed emfd; a remote attacker can execute OS commands by sending a POST to admin/_cmdstat.jsp with xcmd=import-category via the uploadFile attribute. Root cause is improper handling of the xcmd=import-category parameter in emfd, enabling command executio...

10CVSS9.5AI score0.03282EPSS
Exploits1References3Affected Software1
cve
cve
added 2020/01/23 1:41 p.m.61 views

CVE-2019-19838

CVE-2019-19838 affects Ruckus Wireless Unleashed firmware (emfd) up to and including 200.7.10.102.64. The issue allows remote command execution when an attacker crafts a POST to admin/_cmdstat.jsp with the uploadFile attribute and the xcmd=get-platform-depends parameter, triggering OS commands on...

10CVSS9.5AI score0.2436EPSS
Exploits1References3Affected Software1
osv
osv
added 2020/01/23 1:15 p.m.2 views

CVE-2019-19837

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests...

5.3CVSS6.1AI score0.01994EPSS
Exploits1References3
osv
osv
added 2020/01/23 1:15 p.m.5 views

CVE-2019-19835

SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/rcmdstat.jsp URI...

7.5CVSS7.2AI score0.01778EPSS
Exploits1References3
prion
prion
added 2020/01/23 1:15 p.m.17 views

Information disclosure

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests...

7.8CVSS5.3AI score0.01994EPSS
Exploits1References3Affected Software2
prion
prion
added 2020/01/23 1:15 p.m.17 views

Server side request forgery (ssrf)

SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/rcmdstat.jsp URI...

5CVSS7.4AI score0.01778EPSS
Exploits1References3Affected Software2
cvelist
cvelist
added 2020/01/23 12:44 p.m.24 views

CVE-2019-19835

SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/rcmdstat.jsp URI...

7.8AI score0.01778EPSS
Exploits1References3
cve
cve
added 2020/01/23 12:44 p.m.56 views

CVE-2019-19835

The CVE-2019-19835 entry describes an SSRF vulnerability in AjaxRestrictedCmdStat (zap) affecting Ruckus Wireless Unleashed through 200.7.10.102.64, enabling a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI. Affected product scope is Ruckus Unleashed firmware; ex...

7.5CVSS7.8AI score0.01778EPSS
Exploits1References3Affected Software1
cve
cve
added 2020/01/23 12:26 p.m.61 views

CVE-2019-19837

CVE-2019-19837 affects Ruckus Wireless Unleashed firmware up to 200.7.10.102.64. Affected component: the web interface. Root cause: incorrect access control in the web interface, which permits remote disclosure of the bin/web.conf file via HTTP requests. Impact: information disclosure of configur...

7.8CVSS6.1AI score0.01994EPSS
Exploits1References3Affected Software1
nvd
nvd
added 2020/01/22 9:15 p.m.17 views

CVE-2019-19842

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/cmdstat.jsp via the mac attribute...

10CVSS9.6AI score0.04959EPSS
Exploits1References3
nvd
nvd
added 2020/01/22 9:15 p.m.20 views

CVE-2019-19841

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/cmdstat.jsp via the mac attribute...

10CVSS9.6AI score0.03282EPSS
Exploits1References3
osv
osv
added 2020/01/22 9:15 p.m.4 views

CVE-2019-19842

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/cmdstat.jsp via the mac attribute...

9.8CVSS7.5AI score0.04959EPSS
Exploits1References3
nvd
nvd
added 2020/01/22 9:15 p.m.17 views

CVE-2019-19840

A stack-based buffer overflow in zapparseargs in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request...

9.8CVSS10AI score0.04126EPSS
Exploits1References3
osv
osv
added 2020/01/22 9:15 p.m.4 views

CVE-2019-19840

A stack-based buffer overflow in zapparseargs in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request...

9.8CVSS8.2AI score0.04126EPSS
Exploits1References3
Rows per page
Query Builder